Security incident
Definition
An event or chain of events that violates an organisation's security policy or credibly threatens the confidentiality, integrity, or availability of information assets. The declaration of an incident formally activates the incident response process.
Related terms
- Alert
- A notification generated when an event or pattern of events matches a detection rule. Alerts require triage to determine whether they represent...
- Data breach
- An incident in which an unauthorised party gains access to, copies, or discloses protected data. Breaches trigger specific legal notification requirements under...
- Insider threat
- An incident originating from a person with legitimate access to an organisation's systems, whether through malicious intent (data theft, sabotage) or negligence...
- Ransomware
- Malware that encrypts or exfiltrates data and demands payment for restoration or suppression. Modern ransomware incidents often combine an availability impact (encrypted...
- Security event
- Any observable occurrence in a system or network. Events are the raw material from which alerts and incidents are identified; the vast...
Explained in
- What Is a Security Incident: An event or chain of events that violates an organisation's security policy or credibly threatens the confidentiality, integrity, or availability of informatio...